Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,306 advisories

Loading
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET, contain misconfigured... High Unreviewed
CVE-2020-3923 was published May 24, 2022
This was addressed with additional checks by Gatekeeper on files mounted through a network share.... Moderate Unreviewed
CVE-2020-3866 was published May 24, 2022
This issue was addressed with improved checks. This issue is fixed in iOS 13.3.1 and iPadOS 13.3... Low Unreviewed
CVE-2020-3844 was published May 24, 2022
The Software Development Kit of the MiContact Center Business with Site Based Security 8.0... Moderate Unreviewed
CVE-2020-9379 was published May 24, 2022
Huawei mobile phones Ever-L29B versions earlier than 10.0.0.180(C185E6R3P3), earlier than 10.0.0... Low Unreviewed
CVE-2020-1882 was published May 24, 2022
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper... Low Unreviewed
CVE-2020-1791 was published May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a... Moderate Unreviewed
CVE-2020-6380 was published May 24, 2022
A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka... Moderate Unreviewed
CVE-2020-0702 was published May 24, 2022
When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client... Moderate Unreviewed
CVE-2020-5855 was published May 24, 2022
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com... Moderate Unreviewed
CVE-2020-8495 was published May 24, 2022
An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the... Moderate Unreviewed
CVE-2019-5474 was published May 24, 2022
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The... High Unreviewed
CVE-2019-17190 was published May 24, 2022
The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip... Moderate Unreviewed
CVE-2020-5194 was published May 24, 2022
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through... Low Unreviewed
CVE-2020-5197 was published May 24, 2022
An Improper Authorization - CWE-285 vulnerability exists in EcoStruxure? Control Expert V14.0 and... High Unreviewed
CVE-2019-6855 was published May 24, 2022
IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-origin resource sharing which... Moderate Unreviewed
CVE-2019-4343 was published May 24, 2022
Pandora FMS 7.x suffers from remote code execution vulnerability. With an authenticated user who... High Unreviewed
CVE-2019-19681 was published May 24, 2022
Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows space developers to list all... Moderate Unreviewed
CVE-2019-11294 was published May 24, 2022
This improper access control vulnerability allows remote attackers to gain unauthorized access to... High Unreviewed
CVE-2019-7192 was published May 24, 2022
In Cloudera CDH before 5.7.1, Impala REVOKE ALL ON SERVER commands do not revoke all privileges. High Unreviewed
CVE-2016-4572 was published May 24, 2022
Cloudera CDH before 5.6.1 allows authorization bypass via direct internal API calls. Moderate Unreviewed
CVE-2016-3131 was published May 24, 2022
Insufficient policy enforcement in extensions in Google Chrome prior to 77.0.3865.75 allowed an... Moderate Unreviewed
CVE-2019-5879 was published May 24, 2022
Insufficient policy enforcement in service workers in Google Chrome prior to 78.0.3904.70 allowed... Moderate Unreviewed
CVE-2019-13716 was published May 24, 2022
P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E180R2P1) have an improper... Moderate Unreviewed
CVE-2019-5231 was published May 24, 2022
A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 (7.3.0.601)... Moderate Unreviewed
CVE-2018-18819 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database